Microsoft Office 365

Pierluigi Paganini June 17, 2022
A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

Experts discovered a feature in Microsoft 365 suite that could be abused to encrypt files stored on SharePoint and OneDrive and target cloud infrastructure. Researchers from Proofpoint reported that a feature in the in Microsoft 365 suite could be abused to encrypt files stored on SharePoint and OneDrive. “Proofpoint has discovered a potentially dangerous piece […]

Pierluigi Paganini February 09, 2021
Microsoft to notify Office 365 users of nation-state attacks

Microsoft implements alerts for ‘nation-state activity’ in the Defender for Office 365 dashboard, to allow organizations to quickly respond. Since 2016, Microsoft has been alerting users of nation-state activity, now the IT giant added the same service to the Defender for Office 365 dashboard. The new security alert will notify companies when their employees are […]

Pierluigi Paganini November 28, 2020
Office 365 phishing campaign leverages Oracle and Amazon cloud services

Experts warn of a new sophisticated phishing scheme for stealing Office 365 credentials from small and medium-sized businesses in the U.S. The new sophisticated phishing scheme was implemented by threat actors for stealing Office 365 credentials, it leverages both cloud services from Oracle and Amazon for their infrastructure. The campaign has been active for more […]

Pierluigi Paganini November 08, 2020
Creative Office 365 phishing inverts images to avoid detection bots

Experts spotted a creative Office 365 phishing campaign that inverts images used as backgrounds for landing pages to avoid getting flagged as malicious. Researchers at WMC Global have spotted a new creative Office 365 phishing campaign that has been inverting images used as backgrounds for landing pages to avoid getting flagged as malicious by security […]

Pierluigi Paganini August 16, 2018
PhishPoint Phishing Attack – A new technique to Bypass Microsoft Office 365 Protections

Security experts from the cloud security firm Avanan have discovered a new technique dubbed PhishPoint, that was used by hackers to bypass Microsoft Office 365 protections. PhishPoint is a new SharePoint phishing attack that affected an estimated 10% of Office 365 users over the last 2 weeks. The experts are warning of the new technique […]

Pierluigi Paganini June 28, 2016
Microsoft Office 365 targeted with massive Cerber ransomware 0-day campaign

Cloud security provider Avanan discovered a number of Cerber Ransomware variants targeting corporate Office 365 users with malicious emails. Cloud security provider Avanan spotted a number of Cerber Ransomware variants that are targeting corporate Office 365 users with spam or phishing emails leveraging on malicious file attachments. Threat actors sent an Office document that embedded malicious macros to download […]